Almost two-thirds (63 per cent) of sys administrators fear that workers share too much personal information through social networking websites, according to a poll by IT security firm Sophos. Blabby workers are putting corporate infrastructure and data at risk, according to the survey, which also found that a quarter of …
IT becomes a revenue reclaimer?
This article made me realise that charging for internal network for personal use may actually have a value. By using company provided resources for entertainment ( which is not a bad thing of itself; break rooms exist for a reason), not only is there a legitimate threat to the machine they are doing it from, but the network becomes more of a target which goes directly against ( most ) tech organisms chem. While breaks and office coffee are necessities for smooth business running, your mates' biohazard(')s(') physical characteristics are not, so up to the minute monitoring should be discouraged before they are an assumed right.
(blatantly over-)Charging for the privilege would put a price on priceless ( i.e. worthless) friend swarms, force folk to re-evaluate time spent on business hours relationships, and bring beer money into the IT dept, or at least into the pocket of someone who can muddle the accounting process.
Damn it, i'm going to go propose this tomorrow :D
Titter me not not
Ignoring the substantive point of the article entirely, the subhead was the biggest laugh (well, aggravated smile) I've had all day. subbie.points++;
Why would you allow social networking sites?
"Almost two-thirds (63 per cent) of sys administrators fear that workers share too much personal information through social networking websites, according to a poll by IT security firm Sophos."
So why do they not block them?
"Although one third of organisations still reckon timewasting on social networking sites is the greater issue with sites such as Twitter and Facebook, malware and data leakage were also cited as concerns by many firms."
This shows that the sysadmins would have the backing from the management for a block
What company allows their employees to play on corporate time, anyway? To date, I've never seen a "social networking" site that would be valuable as a business tool ... at least not any tool that has better solutions that run on the corporate network. At most of the places I consult for, employees are given one warning if found to be wasting corporate time on "social networking" sites. The second time they are caught, they are fired.
It All Comes Down to User Awareness Training
Although this article brings up a lot of good points, I think one thing they are missing is continual user awareness training. Many security lapses, including blabbing sensitive information on social networking sites, are caused by unwitting users that just don't know any better. After major security events, most organizations take "diet" approach where everybody is trained and brought up to speed on the latest ways to avoid problems. Organizations need to instead make a lifestyle change and learn to "eat right" by investing in and managing a comprehensive security awareness program.
Management, management, management
If managers do not manage what can one expect?
Or maybe managers are also twitting away furiously too probably indicating leakage is endemic.
Poor adherence to standards is always a management activity (or inactivity as the case may be).
They don't allow friend swam sites because...
...in reality all the bright young managers would do nothing else all day.
Staff are too busy to Friend-Face...
'Diet approach'... 'Eat right'... As long as all your staff are vomiting in the same bucket.
'Organisations need to make a lifestyle change'... Organisations do not have 'lifestyles'. People have 'lifestyles'.
'Continual user awareness training'... I think the phrase du jour is 'Continual User Notification Training'. Makes a very nice title for a manager.
I hate you and all of your kind. Please let us know what company you work for, so we can avoid it.
I know this is a bit Dickensian but..
Appen, win I weret youngster just starting out back int 70's the only reason for a telephone call at work were if someone ad died or were at death's door. Aye, technologies moved on an aint it greet!
You did your "Social Networking" when you were "Not-working" down the pub/social club/etc. at lunchtime or of an evening or weekend. At lunch time you may bitch between you about absent colleagues or project/work activities but generally other times were for non-work related chat.
It need hardly be said that unabused internet access can be exceptionally useful and productive for search/research at work. It should, however, be a very rare employer that allows "Social Notworking" sites to be accessed during work time and if they do they deserve to lose their shirt. Darwin was close to the truth, I think you'll find.
Great for Marketing - not so much for bored end-users
Access to all the social networking sites can be a great way to create a corporate presence, providing information in a less sterile setting about your company and your culture.
At the same time, unfettered access to the masses can lead to scads of wasted time and inappropriate material being leaked.
This is the sort of thing that shouldn't be enabled globally, but should be doled out to those who have it in their job description to explore emerging technology for enhancing and advancing the reputation of the business and scoping out bright young talent to hire.
Maybe its because...
> sys admin teams make a little hole so that they can use social networking stuff
> word spreads out on "do this then that" basis
> after a year or two it is so widespread in that organisation
Cool down Anonymous Coward. I'm in the trenches like most everyone else - no manager here.
I just see time and time again that people just don't get it unless you slap them over the head with it again and again in a number of different ways.
You can't go at this in a willy-nilly way because it can quickly become a big waste of $$$. You need to put together some ongoing training plan to evolve the organization from being clueless into security-aware. That way you minimizing your changes of getting 0wned.
By the way, I hate you too. :)